On 11/30/2011 08:01 AM, Jayavant Patil wrote:
[...]
I have two users ldap_6 and ldap_7. I want to restrict a user to
see his own data only. In slapd.conf, I specified the rule as follows:

access to *
    by self write
    by * none

But ldap_6 can see the ldap_7 user entries (or vice versa) with

$ ldapsearch -x -v -D "cn=root,dc=abc,dc=com" -b "ou=People,dc=abc,dc=com" "uid=ldap_7"

Any suggestions?

The above search is done as cn=root, not uid=ldap_6.
If cn=root is your rootdn, it can see everything.
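
Added example, not part of the original thread and not OpenLDAP code: a simplified Python model of how the rule from the question is evaluated, showing why a search bound as the rootdn returns uid=ldap_7 while a search bound as ldap_6 would not. It assumes cn=root,dc=abc,dc=com is the rootdn and that the users' DNs sit directly under ou=People; the function names are hypothetical.

```python
# Added example: simplified model of slapd access evaluation for one rule.
# Assumed: cn=root,dc=abc,dc=com is the rootdn; users live under ou=People.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
ROOTDN = "cn=root,dc=abc,dc=com"
# The rule from the question: access to * by self write by * none
RULE = [("self", "write"), ("*", "none")]


def norm(dn):
    """Comparison key for a DN (simplified: no escaped commas, no multi-valued RDNs)."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def who_matches(who, bind_dn, entry_dn):
    """Does a <who> clause apply to this bind identity? bind_dn None = anonymous."""
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if who == "users":
        return bind_dn is not None
    if who == "self":
        return bind_dn is not None and norm(bind_dn) == norm(entry_dn)
    raise ValueError(f"unsupported <who> clause: {who}")


def granted_level(bind_dn, entry_dn, rule=RULE, rootdn=ROOTDN):
    """Access level the bind identity gets on entry_dn."""
    if bind_dn is not None and norm(bind_dn) == norm(rootdn):
        return "manage"  # rootdn: access rules are never consulted
    for who, level in rule:
        if who_matches(who, bind_dn, entry_dn):
            return level  # first matching "by" clause decides
    return "none"  # implicit trailing "by * none"


def allowed(bind_dn, entry_dn, wanted):
    """True if the granted level is at least the wanted level."""
    return LEVELS.index(granted_level(bind_dn, entry_dn)) >= LEVELS.index(wanted)


if __name__ == "__main__":
    ldap_6 = "uid=ldap_6,ou=People,dc=abc,dc=com"  # constructed DNs
    ldap_7 = "uid=ldap_7,ou=People,dc=abc,dc=com"
    for who in (ROOTDN, ldap_6, ldap_7, None):
        print(who or "(anonymous)", "-> read uid=ldap_7:", allowed(who, ldap_7, "read"))
```

In this model anonymous also gets none, which is below the auth level that slapd needs on userPassword to process a simple bind as uid=ldap_6.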